Microsoft Patch Tuesday: June 2022

This month appears to be a quiet Patch Tuesday, with only 55 new vulnerabilities being patched; 3 critical, 1 publicly disclosed and 1 exploited in the wild. This is a decrease of 18 total vulnerabilities compared to last month’s release.

June’s instalment includes patches for some key software such as:

  • Visual Studio
  • Azure
  • Intel
  • Microsoft Edge
  • Microsoft Office
  • Role: Windows Hyper-V
  • SQL Server
  • Windows App Store
  • Windows Defender
  • Windows Installer
  • Windows Kernel
  • Windows PowerShell

CVE-2022-30190: Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability

This remote code execution vulnerability exists when MSDT is called using the URL protocol from a calling application such as Word. An attacker who successfully exploits this vulnerability can run arbitrary code with the privileges of the calling application. The attacker can then install programs, view, change, delete data, or create new accounts in the context allowed by the user’s rights. Although not classified as critical this is the only vulnerability that has been publicly disclosed and has been seen in the wild.

CVE-2022-30136: Windows Network File System Remote Code Execution Vulnerability

This critical vulnerability could allow a hacker to trigger remote code execution. By sending a specially crafted packet call to a Network File System (NFS) a hacker could submit code to be executed by the system all while being unauthenticated. This vulnerability is more likely to be exploited due to not having to be authenticated by a system holding potentially sensitive data.

CVE-2022-30139: Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability

This critical vulnerability affects an unknown part of the component LDAP. The manipulation of an unknown input can lead to a privilege escalation vulnerability. Exploitation is known to be difficult but can be initiated remotely by a hacker. Simple authentication is necessary for this vulnerability to be exploited potentially providing some protection against novice hackers. This vulnerability is only exploitable if the MaxReceiveBuffer LDAP policy is set to a value higher than the default value. Systems with the default value of this policy would not be vulnerable.

CVE-2022-30163: Windows Hyper-V Remote Code Execution Vulnerability

The last critical vulnerability would require the hacker to win a race condition. a successful attack could allow a hacker to traverse the guest’s security boundary to execute code on the Hyper-V host execution environment.

For a full list of this month’s updates please see the links below:

Patch Tuesday release notes:

Security update guide:

Ironshare – Security Simplified